India Needs More Private Firms like Phronesis to Step up Offensive Cyber Game


Over time, security researchers have consistently warned that Chinese hacker groups have been attacking several organisations worldwide. This risk has become greater in the wake of COVID-19 crisis, where India has become the most attacked nation in cyberspace, since it is apparently not able to predict most of the attacks originating from China.

One of the Chinese state-sponsored cyberespionage actors – APT41 continued to pose prolific threats to India throughout the 2020. FireEye in its tracing stated that the group had the power to quickly leverage newly disclosed vulnerabilities to its advantage. Clearly, India needs to strengthen its cyber offensive operations as it did previously with the help of private actors like Phronesis, and SideWinder.

Recently, FireEye revealed that the APT41’s campaigns were operating since 2012. They are even aligned with China’s five-year economic development plan and targeted several industries throughout the world, including India.

The Chinese threat group used phishing emails or Trojan malware and targeted vulnerable systems and devices that remained exposed to the internet. In 2020, FireEye described the attacks as “the broadest campaigns by a Chinese cyber espionage actor in the recent years. For the record, it observed that APT41 attempted to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central at over 75 FireEye customers.

Amid the pandemic, the attacks from APT 41 and several other Chinese threat groups highlighted the risks associated with exposing of sensitive business information directly to the internet. Clearly, India needs to bring back focus on enhancing its cyber offensive capabilities over defensive ones to protect its interests.

To up its cyber offensive game and become a prominent player in the global supply chain, India successfully launched malware and phishing attacks against adversaries with the help of private threat groups. Today, it needs to continue building up its offensive cyber-infrastructure working with them.

Private firms like Phronesis and SideWinder that came up with offensive cyber developments are needed to counter-attack adversaries in cyberspace and to tap into their crucial information.

Phronesis, a cyber-intelligence firm by security experts Retd. Brigadier Prabhakar Bryan Miranda and Ram Chander Chhillar, has played a huge role in the fifth-generation warfare. One of its recent achievements were listed in the APT report, Monsoon.

The detailed analysis described how the private firm became successful in launching malware attack on Chinese nationals. About 170 malicious documents and 4 distinct malware families were identified in the course of investigation. Further the analytical study of the major domains used in the cyberattack pointed towards Phronesis.

Sidewinder too used the spear phishing and mobile attacks to attack the South Asian nations. The group remained very active in 2020. A report was published on the group’s activities and how it used the Binder exploit to attack mobile devices. It even used the lure files related to COVID-19 and attacked Pakistan, Bangladesh, China and Nepal.

All in all, India does harness offensive cyber capabilities, but the rate of action and retention is far below China. In order to succeed in today’s quickly developing world, it needs to focus more on the competition in the cyberspace and strengthen its offensive cyber stance. Only then will it be one step ahead of China in cyberspace.


Leave a Reply